XP Mode secure if no network connection?

I've seen a lot of discussion on how insecure an XP Mode VM will be now that MS security updates are no longer being released; MS themselves say on their installation page for Windows XP Mode:

"Therefore, to keep your Windows 7 PC secure after support ends, we recommend that you only use Windows XP Mode if your PC is disconnected from the Internet."

However, it seems to me you only need to disconnect the VM from the Internet, not the host system. So my question is: if the XP Mode VM is set up without network access (e.g. by removing or not installing any network adapters), is the system now secure?

This obviously only works if you have programs requiring XP Mode which DON'T need network access, which is the case for my situation.

Thanx for any replies...

There are two separate things going here really.

First off, Microsoft was very speedy in spreading self-FUD against XP, claiming using it after end of support is very dangerous and risks the data and the system. We must understand that all this is, for the most part, a LIE to advertise Win8. System don't magically become more or less dangerous because the developer support or the lack of it. XP is working right now EXACTLY the same as before the end of support.
The real part of this FUD is that, as the system is not receiving updates, bugs will go unfixed and that might create security holes. Those can be very easily mitigated by following good security practices to reduce exposure and attack surface (contrary to the very insecure Windows default settings that MS promotes still to this day).
So, follow standard security practices: run as standard user, lower your permissions to the menimum needed, keep updated antivirus, use a properly configured firewall, and most important obey your common sense when installing things, updates, software and browsing, and you should be reasonably safe.



Another point is intenet access. This will for sure make the systems more secure, as it reduces the possible attack surface, less chance of programs phoning home, not a chance of unsafe browsing, or not that remote chance of a hacker trying to sneak in in a unproperly installed system.
This applies not only to VMs (as XP mode), but to all computers. Host systems, embeeded, VMs, home, office, everything is really a little safe in a caged environment (even those running Linux!), but all we know that's unrealistic right now.

I personally would not deprive the VM of internet access, but yes, technically speaking, doing so increases security. Shutting down internet from the host is even more efficient, really.

Thanx for the replies;

Brink: I understand that it is POSSIBLE for an infection to spread from host to VM and vice versa. Let's assume that I am comfortable with the security of my Win7 host system; I'm just trying to address the heightened risk of running XP in the VM. It seems to me that if I don't have a network adapter, the XP Mode VM is actually MORE secure than the host because there would be no way for malware to get in. I don't even see why I would need ANY XP security updates applied to the VM, right?

Alejandro85: I agree that following good security practices in general improves overall security. I already set up and operate my Win7 host systems using all the things you mention: limited user, permissions, antivirus, firewall, common sense. But if I have NO Internet access inside the VM, it seems to me I could ignore all that advice: run as full admin inside the VM, NOT install antivirus or firewall (what is the firewall going to do without a network connection??), NOT install ANY security updates (even old ones) and still be more secure inside the VM than out. You mention "less chance of programs phoning home"; wouldn't that be NO chance if we're talking about a program inside the VM?

I don't know about most people, but I ONLY use Windows Virtual PC w/XP Mode when I have a client that is desperate to run an OLD program (1990's era accounting & CAD programs are a good example) that will not run via ANY other means in Win7. If they are willing to live with running those programs without Internet access (not a problem for the examples I've given), then turning off network access inside the VM doesn't restrict them in any way: they have normal access to the Internet from the Win7 host.

Final note: I realize malware can still get into the VM from local resources (USB thumb drives, etc.). I actually restrict my XP Mode VMs even more by disabling access to ALL local drives and devices and only exposing select directories required to run the few programs that are installed inside the VM.

I'm not asking if running XP this way is COMPLETELY secure (not possible with any system!!). What I want to know is if running XP this way is MORE secure (or at least NO LESS secure) than my Win7 host system which does need have Internet access??

Thanx again...